Wireless mobile communication devices such as wireless phones have become increasingly popular and common. Wireless personal communication systems (PCS) are emerging. These devices give the user the flexibility to initiate telephone calls from other than fixed locations. However, as a result of this mobility and flexibility it is more difficult for the service provider, the telephone company, to positively identify the caller so as to properly bill for the call. Unlike a conventional phone, wireless devices are not permanently located, and thus are not easily identified by a drop at the end of a telephone line. Rather, wireless devices must make known their identity at call start-up for the call to proceed.
In performing this identification process it is clear that an identification code and/or password must be provided by the caller to a wireless network control station which verifies the identity of the caller and connects the caller to the public telephone network. The identification code must be transmitted by the wireless device by radio means and is thus inherently insecure. A third party, knowing the frequency of the wireless transmission can intercept the transmission and learn the identification code of the caller. This permits the eavesdropper to determine the identity of the caller and the identification code of the device, allowing him to later commit telephone fraud by electronically impersonating the identity of that caller.
In one approach to securing the process of identification of the wireless device, a public key cryptosystem has been utilized. Using a public key encryption method, verification procedures can be designed such that wireless network control stations are not required to access databases to look up passwords, and an unlimited number of eavesdropped authentications will not be sufficient to impersonate a wireless device. However, such methods require substantial computation in order to operate.
It is thus desirable to provide a means and apparatus for transmitting an identification code by a wireless device caller to a wireless network control station, providing verification threat which is not susceptible to discovery by a third party and is not computationally substantial.